★ Sudden admin-rescue/ACL change without discussion

Hyperliquid's assessment for RD-F-123 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Contracts repo has 0 closed PRs and 25 commits (all 2023, all by 'jeff' or 'traderben'). No sudden admin-rescue or ACL change event documented in public on-chain or GitHub record post-deploy. However, the Bridge2 proxy admin (Hyper Foundation multisig) controls the upgrade path without any formal governance discussion process, undisclosed signer set, and no timelock. The upgrade authority is held opaquely. Yellow assigned for structural opacity in the upgrade/admin path rather than evidence of a specific undiscussed ACL change event.

Sources #

GitHub
https://github.com/hyperliquid-dex/contracts/commits/masterretrieved 2026-04-28
Docs
https://hyperliquid.gitbook.io/hyperliquid-docs/for-developers/api/bridge2retrieved 2026-04-28
GitHub
https://github.com/hyperliquid-dex/contracts/pullsretrieved 2026-04-28

Methodology #

Determine whether any admin-rescue function or ACL change was committed to the repo or executed on-chain without corresponding public discussion in issues, PRs, or governance forum.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol hyperliquid factor RD-F-123 score yellow collected_at 2026-04-28 13:58:49